Apple has released new security fixes for iPhones and iPads in the form of iOS 18.3.1 and iPadOS 18.3.1. According to Apple’s release notes, these updates patch an actively exploited security flaw in the USB Restricted Mode feature, which requires users to unlock their devices periodically to continue using USB data connections via a device’s Lightning or USB-C port.
Apple says that the vulnerability, labeled CVE-2025-24200, “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” We don’t know anything more specific about who those individuals are or why they might have been targeted.
Apple has also supplied an identical fix for older iPads in the form of iPadOS 17.7.5, which is still being updated on old models like the 2nd-generation 12.9-inch iPad Pro, the 10.5-inch iPad Pro, and the 6th-generation iPad.
Apple has released updates for some of its other operating systems, too: macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1, and visionOS 2.3.1. The company’s security updates page says these releases don’t fix any currently published CVEs, but there’s always a chance this could change later on as more CVEs are disclosed.
